From 1bbd67f7d7cc0af84476394424118851c4ca1b1f Mon Sep 17 00:00:00 2001
From: wangmengyang <wangmengyang@espressif.com>
Date: Thu, 28 Dec 2017 14:51:19 +0800
Subject: [PATCH] component/bt: disable Secure Connections(Host Supported) of
 classic Bluetooth to workaround AES encryption issue in controller

1. ESP32 is found to suffer from AES encryption start/resume failure with specific device. Therefore temporarily disable BR/EDR Secure Connections for a workaround
2. BR/EDR Secure Connections is a feature for BT Classic introduced in Bluetooth 4.1. This change disables the setting of Secure Connections(Host Supported), and will result in the use of legacy authentication instead of secure authentication, and E0 encryption(legacy) instead of AES-CCM encryption. BLE security procedures are not affected.
---
 components/bt/bluedroid/include/bt_target.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/components/bt/bluedroid/include/bt_target.h b/components/bt/bluedroid/include/bt_target.h
index fe39f8b9b..da71657ae 100644
--- a/components/bt/bluedroid/include/bt_target.h
+++ b/components/bt/bluedroid/include/bt_target.h
@@ -647,7 +647,8 @@
 
 /* 4.1/4.2 secure connections feature */
 #ifndef SC_MODE_INCLUDED
-#define SC_MODE_INCLUDED                TRUE
+// Disable AES-CCM (BT 4.1) for BT Classic to workaround controller AES issue. E0 encryption (BT 4.0) will be used.
+#define SC_MODE_INCLUDED                FALSE
 #endif
 
 /* Used for conformance testing ONLY */